[quake3-bugzilla] [Bug 3780] Upgrade unzip.c from version 0.01 alpha to 1.01e
bugzilla-daemon at icculus.org
bugzilla-daemon at icculus.org
Mon Oct 19 12:18:37 EDT 2009
http://bugzilla.icculus.org/show_bug.cgi?id=3780
Ryan C. Gordon <icculus at icculus.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |icculus at icculus.org
Thilo Schulz <arny at ats.s.bawue.de> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
CC| |arny at ats.s.bawue.de
Resolution| |FIXED
--- Comment #6 from Ryan C. Gordon <icculus at icculus.org> 2009-09-14 12:00:56 EDT ---
I suppose the benefit is that our existing copy unzip.c appears to contain a
cut-and-paste of most of zlib 1.1.3, which has known bugs:
zlib Compression Library Corrupts malloc Data Structures via Double Free:
http://zlib.net/advisory-2002-03-11.txt
zlib inflate() routine vulnerable to buffer overflow:
http://www.kb.cert.org/vuls/id/680620
The zlib compression library is vulnerable to a denial-of-service condition:
http://www.kb.cert.org/vuls/id/238678
...so theoretically a malicious pk3 file downloaded from a server could own
your box.
This might be worth doing. :/
--ryan.
--- Comment #7 from Thilo Schulz <arny at ats.s.bawue.de> 2009-10-19 12:18:32 EDT ---
Thank you for this patch, it was helpful in doing all of this. check
r1681-r1683
--
Configure bugmail: http://bugzilla.icculus.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.
More information about the quake3-bugzilla
mailing list